The Zero Day has a case number of CVE-2018-0802 is a memory corruption issue that can be exploited for remote code execution by getting targeted users to open a specially crafted file via Office or WordPad.

The vulnerability is related to a 17-year-old vulnerability in the Equation Editor (EQNEDT32.EXE), which the software giant fixed in November.

Other updates fix a spoofing vulnerability in Office for Mac that has already been publicly disclosed. Sixteen of the flaws resolved this month have been rated critical, a majority affecting the scripting engine used by the Edge and Internet Explorer web browsers.

Microsoft has also rated critical a Word vulnerability (CVE-2018-0797) that can be exploited for remote code execution using specially crafted RTF files.